Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/SqathUkmfs8Gq62ulHseRUeT4og.roa
File: SqathUkmfs8Gq62ulHseRUeT4og.roa (raw, json)
Hash identifier: bFpMVR1rIrN7iX6MW4C/mSDnePkdmi5l6+XpIPeGnmc=
Subject key identifier: 4A:A6:AD:85:49:26:7E:CF:06:AB:AD:AE:94:7B:1E:45:47:93:E2:88
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018C1559E30EFA81D6806F4AD487B99A74EA
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/SqathUkmfs8Gq62ulHseRUeT4og.roa
Signing time: Tue 28 Nov 2023 09:54:21 +0000
ROA not before: Tue 28 Nov 2023 09:54:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 45012
IP address blocks: 193.22.255.0/24 maxlen: 24
185.80.92.0/24 maxlen: 24
185.80.93.0/24 maxlen: 24
185.80.94.0/23 maxlen: 23
185.137.168.0/22 maxlen: 24
128.127.65.0/24 maxlen: 24
128.127.66.0/24 maxlen: 24
93.90.178.0/24 maxlen: 24
93.90.180.0/23 maxlen: 24
109.237.128.0/20 maxlen: 24
91.203.212.0/22 maxlen: 24
195.82.152.0/23 maxlen: 24
185.207.230.0/24 maxlen: 24
185.207.228.0/22 maxlen: 24
185.207.228.0/24 maxlen: 24
195.5.120.0/23 maxlen: 24
89.22.100.0/22 maxlen: 24
89.22.106.0/24 maxlen: 24
89.22.108.0/24 maxlen: 24
89.22.110.0/23 maxlen: 24
89.22.112.0/22 maxlen: 24
89.22.116.0/22 maxlen: 24
89.22.122.0/23 maxlen: 24
89.22.124.0/22 maxlen: 24
91.220.49.0/24 maxlen: 24
194.145.226.0/24 maxlen: 24
91.203.108.0/22 maxlen: 24
178.250.170.0/24 maxlen: 24
178.250.174.0/24 maxlen: 24
37.218.252.0/24 maxlen: 24
37.218.248.0/22 maxlen: 22
37.218.254.0/24 maxlen: 24
178.20.96.0/21 maxlen: 24
188.64.46.0/23 maxlen: 24
5.44.108.0/22 maxlen: 24
192.162.87.0/24 maxlen: 24
31.47.240.0/20 maxlen: 24
46.243.88.0/21 maxlen: 24
81.88.16.0/24 maxlen: 24
81.88.28.0/22 maxlen: 24
185.3.232.0/22 maxlen: 24
81.88.32.0/20 maxlen: 24
5.44.100.0/23 maxlen: 24
5.44.102.0/23 maxlen: 24
5.44.104.0/22 maxlen: 24
2a02:2b80::/32 maxlen: 48
2a00:fa40:2000::/36 maxlen: 64
2a00:fa40:4000::/36 maxlen: 36
2a00:fa40:3000::/36 maxlen: 36
2a01:64c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 02:29:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:59:e3:0e:fa:81:d6:80:6f:4a:d4:87:b9:9a:74:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Nov 28 09:54:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4aa6ad8549267ecf06abadae947b1e454793e288
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a9:1b:1e:7e:3d:80:04:9f:f0:a2:6c:2e:92:
02:54:98:44:fb:aa:40:70:02:cd:88:bb:38:a7:c6:
15:e0:d5:93:91:7a:b4:80:d8:7e:54:bd:96:98:2e:
d5:15:77:e1:f6:d6:bc:de:f0:f5:e4:62:99:12:37:
b4:3a:f1:23:12:fb:6b:06:5f:23:31:9c:8f:73:61:
fb:b7:c3:83:cb:5a:7d:54:89:11:ec:13:7e:96:d5:
58:cb:0c:60:14:af:1e:fa:c5:0d:09:1c:2c:3f:e7:
b1:0c:2a:0b:9c:34:dd:a9:0c:7a:17:d7:95:6e:54:
52:0b:ce:84:7c:86:a8:fa:ef:aa:ba:10:8c:a2:1e:
21:8c:4d:dc:42:bf:8b:59:26:f5:7f:9b:ba:f6:63:
7a:50:f7:62:19:d8:e4:75:60:37:97:c8:b5:6e:af:
85:c0:5d:59:07:41:88:b1:5a:8f:94:45:a3:db:a8:
5b:b5:02:56:c1:b9:d5:61:02:cf:e6:d6:f0:f4:7a:
cc:9f:0d:55:89:2e:2d:57:05:45:ac:2d:38:17:97:
48:b2:fb:c9:7b:b6:51:cb:42:12:e7:74:a3:54:86:
5d:9b:9f:c1:22:0c:ab:30:2b:63:4e:6f:f5:86:3b:
da:55:24:1b:18:5d:87:14:46:f2:e2:5a:72:7a:10:
33:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:A6:AD:85:49:26:7E:CF:06:AB:AD:AE:94:7B:1E:45:47:93:E2:88
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/SqathUkmfs8Gq62ulHseRUeT4og.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.100.0-5.44.111.255
31.47.240.0/20
37.218.248.0-37.218.252.255
37.218.254.0/24
46.243.88.0/21
81.88.16.0/24
81.88.28.0-81.88.47.255
89.22.100.0/22
89.22.106.0/24
89.22.108.0/24
89.22.110.0-89.22.119.255
89.22.122.0-89.22.127.255
91.203.108.0/22
91.203.212.0/22
91.220.49.0/24
93.90.178.0/24
93.90.180.0/23
109.237.128.0/20
128.127.65.0-128.127.66.255
178.20.96.0/21
178.250.170.0/24
178.250.174.0/24
185.3.232.0/22
185.80.92.0/22
185.137.168.0/22
185.207.228.0/22
188.64.46.0/23
192.162.87.0/24
193.22.255.0/24
194.145.226.0/24
195.5.120.0/23
195.82.152.0/23
IPv6:
2a00:fa40:2000::-2a00:fa40:4fff:ffff:ffff:ffff:ffff:ffff
2a01:64c0::/32
2a02:2b80::/32
Signature Algorithm: sha256WithRSAEncryption
5c:9f:93:36:cd:95:37:c6:98:ce:5b:fb:3e:75:32:27:25:e3:
27:23:fe:04:c0:fa:80:e8:39:f5:d5:b5:6b:d8:73:ea:af:c4:
f7:b2:b8:82:1f:46:85:da:28:01:7b:f9:2c:87:44:b6:ea:94:
70:8c:2e:c6:88:f4:26:a4:46:de:c8:c2:69:c5:31:26:93:35:
89:12:eb:28:e7:f2:27:03:9c:21:ec:0c:ac:69:6f:da:0b:7d:
b3:21:7c:ea:30:9f:9c:bc:9f:3b:21:9b:84:d9:a0:34:16:3a:
f4:28:46:6a:b0:f0:7a:a4:e2:e1:1c:06:1b:f2:23:a6:e2:ad:
96:8b:58:4d:4c:cc:7e:c2:65:fe:6c:92:73:58:50:4b:4f:3f:
2a:0e:4b:b4:cf:7e:ee:c0:52:7c:7c:b5:06:c7:0e:c0:ce:00:
84:d0:90:bf:08:10:bf:f9:36:91:0a:54:e9:35:63:3c:10:d3:
5e:00:19:f6:78:33:75:c1:ba:fd:ce:f8:00:f7:c5:2c:c4:51:
6c:61:ac:f8:5e:5d:56:f7:cd:e5:5f:53:21:92:af:ab:93:e0:
6d:4b:bd:c4:e6:df:fe:df:9f:66:c7:4f:60:f7:a8:f7:b0:9d:
06:fe:1e:3c:df:81:01:5e:2b:af:73:21:b9:8d:7b:eb:28:82:
b7:d5:c6:06
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYwVWeMO+oHWgG9K1Ie5mnTqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMxMTI4MDk1NDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWE2YWQ4NTQ5MjY3ZWNmMDZhYmFkYWU5NDdiMWU0NTQ3OTNlMjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKkbHn49gASf8KJsLpICVJhE+6pA
cALNiLs4p8YV4NWTkXq0gNh+VL2WmC7VFXfh9ta83vD15GKZEje0OvEjEvtrBl8j
MZyPc2H7t8ODy1p9VIkR7BN+ltVYywxgFK8e+sUNCRwsP+exDCoLnDTdqQx6F9eV
blRSC86EfIao+u+quhCMoh4hjE3cQr+LWSb1f5u69mN6UPdiGdjkdWA3l8i1bq+F
wF1ZB0GIsVqPlEWj26hbtQJWwbnVYQLP5tbw9HrMnw1ViS4tVwVFrC04F5dIsvvJ
e7ZRy0IS53SjVIZdm5/BIgyrMCtjTm/1hjvaVSQbGF2HFEby4lpyehAz1wIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFEqmrYVJJn7PBqutrpR7HkVHk+KIMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvU3FhdGhVa21mczhHcTYydWxIc2VSVWVUNG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCB9wQCAAEwgfAw
DAMEAgUsZAMEBAUsYAMEBB8v8DAMAwQDJdr4AwQAJdr8AwQAJdr+AwQDLvNYAwQA
UVgQMAwDBAJRWBwDBARRWCADBAJZFmQDBABZFmoDBABZFmwwDAMEAVkWbgMEA1kW
cDAMAwQBWRZ6AwQHWRYAAwQCW8tsAwQCW8vUAwQAW9wxAwQAXVqyAwQBXVq0AwQE
be2AMAwDBACAf0EDBACAf0IDBAOyFGADBACy+qoDBACy+q4DBAK5A+gDBAK5UFwD
BAK5iagDBAK5z+QDBAG8QC4DBADAolcDBADBFv8DBADCkeIDBAHDBXgDBAHDUpgw
JgQCAAIwIDAQAwYFKgD6QCADBgQqAPpAQAMFACoBZMADBQAqAiuAMA0GCSqGSIb3
DQEBCwUAA4IBAQBcn5M2zZU3xpjOW/s+dTInJeMnI/4EwPqA6Dn11bVr2HPqr8T3
sriCH0aF2igBe/ksh0S26pRwjC7GiPQmpEbeyMJpxTEmkzWJEuso5/InA5wh7Ays
aW/aC32zIXzqMJ+cvJ87IZuE2aA0Fjr0KEZqsPB6pOLhHAYb8iOm4q2Wi1hNTMx+
wmX+bJJzWFBLTz8qDku0z37uwFJ8fLUGxw7AzgCE0JC/CBC/+TaRClTpNWM8ENNe
ABn2eDN1wbr9zvgA98UsxFFsYaz4Xl1W983lX1Mhkq+rk+BtS73E5t/+359mx09g
96j3sJ0G/h4834EBXiuvcyG5jXvrKIK31cYG
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org